From ed3d2771278cfa1c355b40c681f5acc8404156c6 Mon Sep 17 00:00:00 2001 From: Bernd Edlinger Date: Wed, 15 Nov 2023 20:32:59 +0100 Subject: [PATCH] Fix a possible memleak in PKCS7_add_attrib_smimecap When PKCS7_add_signed_attribute fails, the ASN1_STRING object may be leaked. Reviewed-by: Neil Horman Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/22744) --- crypto/pkcs7/pk7_attr.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c index 68f0a5c290..72690c5e1b 100644 --- a/crypto/pkcs7/pk7_attr.c +++ b/crypto/pkcs7/pk7_attr.c @@ -28,8 +28,12 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, } seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data, ASN1_ITEM_rptr(X509_ALGORS)); - return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities, - V_ASN1_SEQUENCE, seq); + if (!PKCS7_add_signed_attribute(si, NID_SMIMECapabilities, + V_ASN1_SEQUENCE, seq)) { + ASN1_STRING_free(seq); + return 0; + } + return 1; } STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)